AyKay47

What debugging steps have you taken? Make sure error_reporting is set to E_ALL or -1 and display_errors is set to ON or 1 It may help to post the form

If you are not sure what ChristianF is talking about, try googling "MVC Framework".

1. str_ireplace requires a string for the first parameter, not a string format. 2. Generate the URL inside of the while loop, $E_ID contains the last value from the database.

Wasn't a core function, there are custom functions floating around that will do it.

There is no core PHP function that will do the entire process for you.

My guess would be the "@" symbol in the password is throwing it off. I don't know the specifics of what exactly causes this, but there has been bug report(s) on it. Try changing the password for that user to a simple string and see if that works.

$_SERVER['PHP_SELF'] should never be used as a forms action, as it can rather easily be spoofed. Instead if you want the form to submit to itself, use action=''

Then no rows were found..

All that should need to be passed is the id, and I do not see why that would need to be hidden or encrypted.

If you output: echo "<pre>"; print_r($cdata); echo "</pre>"; You will get a better idea of the array structure.

What exactly do you mean? PHP code can only be interpreted in a php file. Mod_rewrite would allow you to change the PHP file to look like an HTML file in the URL, which addresses your initial question.

How is the array being generated? Post the relevant code to this thread.

change the query to: SELECT id FROM TABLENAME WHERE username='USER' AND password='PASSWORD' LIMIT 1 Again, single quotes can only be used a qualifiers is you configure the mysql server to accept them.

Place the MySQL debugging code in the login.php page and display the error(s) received. The MD5 comment applies to the entire application.

try foreach($_POST['calltotor'] as $toractions) { if(array_key_exists($toractions, $callstoaction)) echo $callstoaction[$toractions] . "<br>"; }